# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Win32/Emotet#tab=2
# Reference: http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Spammer:Win32/Cetsiol.A#tab=2
# Reference: http://www.securityhome.eu/malware/malware.php?mal_id=1193064972549a82b0400072.08119525

ajeyftrjqeashgda.mobi
bardubar.com
cryspellingslaveseducation.eu
distrbilko.pw
labamito.ru
likesomessfortelr.eu
mail.ps4hacked.es
naimjax.ru
qwuyegasd3edarq6yu.org
thehappylattersforallpeopleoftheworld.eu
usportrock.ru
www6067ug.sakura.ne.jp

# Reference: https://pastebin.com/csipUv2z

http://regionsnews.net/OEqhU8Lg5
http://barcounterstools.info/gwzel4FlN0
http://latemia.com.br/obrqY699Rj
http://bestofcareer.com/clwPPAOykd
http://reelcreations.ie/KAqmCDJk
http://seaweldci.com/ADR
http://seilanithih.com.kh/Rfg0JO1
http://sunflowerschoolandcollege.com/ibb/papkaa17/OWFktY
http://dealtimer.com/AsIn9
http://abujarealproperties.com/fl
http://zippyrooter.com/lvUg6HFdC
http://puntoyaparteseguros.com/B9P3zyHmix
http://fastinternet.net.au/WDnndUN
http://mebel-m.com.ua/HuvTFu8
http://tomas.datanom.fi/testlab/YHMLRXJ
http://aliu-rdc.org/QwWKYJxM
http://2idiotsandnobusinessplan.com/wC7
http://7naturalessences.com/DFaSvtrS
http://hostmktar.com/mP
http://benimdunyamkres.com/v0vig1G1
http://alpharockgroup.com/HT
http://adminflex.dk/l5TF6w
http://gailong.net/X5AyWfJG
http://shunji.org/logsite/TJaaB
http://binar48.ru/OtTlVIU5
http://tonda.us/nK8Gqwgp8
http://acejapan.net/gTFikCcVIF
http://www.finspangonline.se/qpSw0SD
http://yazilimextra.com/jHQNAQVM9
http://tpms.net.pl/gXJTQL6qMO
http://ysd63.com/xw0jDX
http://exclusiv-residence.ro/IuWn6
http://leizerstamp.ir/zqiQcpE
http://firstchoicetrucks.net/kCV0l
http://olsenelectric.com/zVz4iwC

# Reference: https://www.malware-traffic-analysis.net/2018/08/16/index2.html

theeunload.website
mykeeptake.xyz

# Reference: https://www.virustotal.com/#/domain/bizercise.top

bizercise.top

# Reference: https://blog.talosintelligence.com/2019/03/threat-roundup-for-mar-01-to-mar-08.html (Doc.Downloader.Emotet-6878774-0)

uka.me
woelf.in

# Reference: https://twitter.com/Cryptolaemus1/status/1113429409946644480
# Reference: https://pastebin.com/raw/DZd2628u

192.186.96.125:8080
83.110.216.26:8443
189.159.103.149:8080
200.126.225.56:8080
189.190.169.221:7080
104.236.135.119:8080
162.243.125.212:8080
217.13.106.160:7080
5.230.147.179:8080
64.13.225.150:8080
94.76.200.114:8080
212.122.71.196:995
174.93.130.148:8443
181.92.117.141:993
133.242.156.30:7080
91.92.191.134:8080
63.77.201.245:443
69.198.17.7:8080
181.39.51.243:993
27.130.153.101:53
187.189.195.208:8443
174.106.108.31:80
60.49.36.149:50000
70.57.82.196:80
62.75.187.192:8080
95.128.43.213:8080
73.217.113.111:80
87.106.139.101:8080
211.63.71.72:8080
173.255.250.241:443
190.161.186.116:80
178.62.37.188:443
175.100.138.82:22
201.220.152.101:80
208.78.100.202:8080
167.114.210.191:8080
204.184.25.150:143
184.22.6.124:7080
45.33.49.124:443
201.152.34.208:995
85.104.59.244:20
103.12.133.7:8080
203.210.237.200:993
87.106.210.123:80
45.123.3.54:443
173.255.196.209:8080
138.201.140.110:8080
78.186.5.109:443
105.101.6.219:8080
186.4.234.27:443
83.222.124.62:8080
187.198.57.250:7080
147.135.210.39:8080
24.63.218.229:80
50.31.0.160:8080
67.205.149.117:443

# Reference: https://twitter.com/makflwana/status/1085118389633175555

87.207.58.148:20

# Reference: https://twitter.com/pollo290987/status/1114007607352725504

103.12.133.7:8080
104.2.2.153:8080
104.236.135.119:8080
104.236.24.85:443
105.101.6.219:8080
105.225.191.133:80
106.51.237.174:50000
109.104.79.48:8080
109.73.52.242:8080
110.169.107.239:443
114.79.191.12:20
115.254.91.178:7080
115.74.214.134:443
120.63.130.239:465
125.99.106.225:80
133.242.156.30:7080
136.49.87.106:80
138.201.140.110:8080
138.68.139.199:443
139.59.19.157:80
144.76.117.247:8080
147.135.210.39:8080
154.120.228.126:8080
162.243.125.212:8080
165.227.213.173:8080
167.114.210.191:8080
171.101.196.138:80
173.255.196.209:8080
173.255.250.241:443
174.106.108.31:80
174.93.130.148:8443
175.100.138.82:22
176.58.93.123:8080
178.62.37.188:443
179.8.124.11:443
181.118.101.22:8080
181.15.177.100:443
181.16.4.180:80
181.170.252.83:80
181.170.93.38:8080
181.39.51.243:993
181.44.231.127:443
181.56.165.97:53
181.92.117.141:993
182.176.184.81:22
183.82.1.142:7080
184.160.113.4:993
184.22.6.124:7080
184.95.192.237:80
185.191.177.79:143
185.86.148.222:8080
186.139.160.193:8080
186.4.234.27:443
187.153.103.175:443
187.189.195.208:8443
187.189.210.143:80
187.198.57.250:7080
187.228.144.250:143
187.234.36.129:8443
188.51.153.187:993
189.148.145.183:50000
189.150.218.69:8080
189.156.223.10:20
189.159.103.149:8080
189.186.208.24:8443
189.190.169.221:7080
189.208.239.98:443
189.222.167.65:20
189.252.110.239:443
189.252.15.206:443
190.0.32.206:8080
190.104.229.114:8090
190.117.206.153:443
190.117.82.103:443
190.128.26.2:80
190.146.86.180:443
190.15.198.47:80
190.161.186.116:80
190.18.153.249:80
190.18.219.56:443
190.185.241.151:443
190.186.70.146:21
190.230.219.95:20
190.35.109.41:990
190.36.237.47:8443
190.96.118.53:443
190.97.219.241:80
192.155.90.90:7080
192.163.199.254:8080
192.186.96.125:8080
192.228.158.238:443
197.248.67.226:8080
197.88.12.80:53
200.114.142.40:8080
200.125.190.126:8080
200.126.225.56:8080
201.110.165.146:8443
201.138.11.223:8080
201.146.85.239:22
201.152.34.208:995
201.152.64.25:20
201.165.102.49:443
201.170.241.239:8080
201.220.152.101:80
201.236.95.82:80
201.239.154.191:443
201.97.91.217:443
203.210.237.200:993
204.138.46.166:7080
204.184.25.150:143
208.180.246.147:80
208.78.100.202:8080
209.159.244.240:443
210.2.86.72:8080
211.105.238.226:80
211.63.71.72:8080
212.122.71.196:995
212.31.106.90:22
216.221.73.45:443
217.13.106.160:7080
217.165.84.16:7080
217.165.84.98:20
219.94.254.93:8080
23.254.203.51:8080
24.137.254.148:80
24.63.218.229:80
2.50.4.159:443
27.130.153.101:53
37.209.252.121:80
41.227.243.107:80
41.71.19.150:80
43.229.62.186:8080
45.123.3.54:443
45.33.49.124:443
47.202.17.6:80
50.250.136.225:80
50.31.0.160:8080
51.255.50.164:8080
5.230.147.179:8080
5.9.128.163:8080
59.91.30.53:443
60.49.36.149:50000
61.2.56.167:80
62.75.143.100:7080
62.75.187.192:8080
63.77.201.245:443
64.13.225.150:8080
66.115.90.48:80
66.209.69.165:443
67.205.149.117:443
67.206.210.18:80
67.241.81.253:8443
68.191.37.107:80
69.163.33.82:8080
69.198.17.7:8080
70.184.8.94:80
70.57.82.196:80
71.11.157.249:80
72.47.248.48:8080
73.217.113.111:80
74.36.4.206:80
78.186.5.109:443
80.82.62.9:443
81.134.59.36:8080
81.22.137.186:8080
82.226.163.9:80
82.73.220.225:80
83.110.216.26:8443
83.110.80.67:22
83.222.124.62:8080
85.104.184.242:8080
85.104.59.244:20
87.106.139.101:8080
87.106.210.123:80
88.254.240.194:80
89.188.124.145:443
89.211.193.18:80
91.205.215.57:7080
91.92.191.134:8080
92.154.101.154:50000
92.48.118.27:8080
94.250.55.138:443
94.76.200.114:8080
95.128.43.213:8080
95.42.189.34:443
96.64.191.13:80
99.243.127.236:80

# Reference: https://twitter.com/ozuma5119/status/1123474884221382656

http://117.196.47.110/teapot/badge/ringin/merge/

# Reference: https://twitter.com/ozuma5119/status/1127619333444730886

tamsuamy.com
66.84.11.168:8080

# Reference: https://twitter.com/P3pperP0tts/status/1135976656751996928

142.4.198.249:7080
162.243.125.212:8080
170.150.11.245:8080

# Reference: https://twitter.com/bry_campbell/status/1164689134012833792
# Reference: https://pastebin.com/raw/7Kq2e1ik

104.131.11.150:8080
104.131.208.175:8080
104.236.151.95:7080
142.93.88.16:443
144.139.247.220:80
159.89.179.87:7080
162.144.119.216:8080
162.243.125.212:8080
170.150.11.245:8080
176.31.200.130:8080
177.242.214.30:80
187.163.180.243:22
195.242.117.231:8080
216.98.148.156:8080
217.13.106.160:7080
31.12.67.62:7080
45.123.3.54:443
45.32.158.232:7080
46.101.142.115:8080
46.105.131.69:443
64.13.225.150:8080
69.45.19.145:8080
70.32.84.74:8080
75.127.14.170:8080
91.83.93.103:7080